Why Is Escaping Data Considered So Magical?

[Lawrence D'Oliveiro]

In message <pan.2010.06.27.13.55.04.500000 at nowhere.com>, Nobody wrote:

> On Sun, 27 Jun 2010 14:36:10 +1200, Lawrence D'Oliveiro wrote:
> 
>> Except nobody has yet shown an alternative which is easier to get right.
> 
> For SQL, use stored procedures or prepared statements.

So feel free to rewrite my example using either stored procedures or 
prepared statements, to prove how much easier it is.